Changelog v0.7 (Maintenance Release with a couple of cool additions):
+ Web app attacks-Added the ability to specify multiple parameters for injection simultaneously; For example, trying an associative array injection attack on two parameters in the same HTTP request, like the username and password field on a logon page.
+ Bugfix-Workaround to correct issues with self-signed certificates when attacking HTTPS sites and running on Python 2.7.9 or later.
+ Bugfix-Improper formatting on timing based attack URL (trailing &).
+ General-Cleaned up Web app attack code. All moved into a freestanding Python module.

NoSQLMap v0.7

NoSQLMap is an open source Python tool designed to audit for as well as automate injection attacks and exploit default configuration weaknesses in NoSQL databases as well as web applications using NoSQL in order to disclose data from the database.
It is named as a tribute to Bernardo Damele and Miroslav’s Stampar’s popular SQL injection tool sqlmap, and its concepts are based on and extensions of Ming Chow’s excellent presentation at Defcon 21, “Abusing NoSQL Databases”. Presently the tool’s exploits are focused around MongoDB, but additional support for other NoSQL based platforms such as CouchDB, Redis, and Cassandra are planned in future releases.

NoSQLMap-v0-5

Requirements
On a Debian or Red Hat based system, the setup.sh script may be run as root to automate the installation of NoSQLMap’s dependencies.
Varies based on features used:
+ Metasploit Framework
+ MongoDB
+ Python with PyMongo
+ httplib2
+ and urllib available.